Google Summer of Code proposal
Tomcat Clustering Support for SingleSignOn
Current maintainers and potential mentor(s)
Fabien Carrion, Lidsol, Mexico
I'm a student in the laboratory LIDSOL in the UNAM, Mexico City.
My opensource participation is composed of a Gaim plugin for the RVP protocol, a tomcat patch for the implementation of the servlet 2.5 specification and some tomcat documentations available on my personal website
I'd like to execute this project because I'll begin to be interested in the tomcat source code, 3 months ago, and I'd like to prolonge the experience with a new project.
The Bugzilla Issue 28039 patch provided for SingleSignOn on a cluster is not complete. The SSO is not transferred from one cluster node to another and all the code is in org.apache.catalina.authentificator, and should be with the cluster classes in org.apache.catalina.cluster.
I also would like to implement another way to communicate data between the tomcat nodes, based on JMS.
JMS is used to send data to a Destination. Nodes send sessions and orders to the others through a Topic, where every node is a publisher and a subscriber. This order can be : session replication, is alive and so on. We can then replicate the session in the JVM's memory in an asynchronous way. But the advantage is that the transportation code is outside of the tomcat code so we don't need IP multicasting or sockets anymore. Moreover we don't have the restriction that all the cluster nodes have to be on the same private network.
The project will be to provide a way to communicate the SSO data between the tomcat nodes, and some code reorganisation.
All the class concerning SingleSignOn will be integrated in the new package : org.apache.catalina.cluster.authenticator.
The user, authenticated once, will be authenticate on each cluster nodes.
All the class concerning JMS communication will be integrated in the new package : org.apache.catalina.cluster.jms.
The communication between cluster nodes will be made through a JMS server. All the specific code for nodes communication will be outside of the tomcat code.
There already exists a way to communicate between cluster nodes SimpleTcpCluster.
There is four steps:
Code reorganisation :
Write a class which extends the actual SingleSignOn class with the code in the patch.
Communication betweem cluster node :
ClusterMessage interface implementation to store SSO data.
Send a SSO message to the cluster nodes from the extended SingleSignOn class.
Extend the ClusterListener class to actualize the SSO data from a received SSO message.
The jms communication implementation needs the implementation of three interfaces :
- Receiver implementation. This class is a JMS subscriber. It connects on the topic and get messages.
- Sender implementation. This class is a JMS publisher. It connects on the topic and send messages.
A class has to convert ClusterMessage to JMS Message.
- 24 May 2006 Summer of Code starts
30 May 2006 SingleSignOn implementation for a cluster has to be finished
6 June 2006 SingleSignOn has to be tested
- 26 June 2006 JMS communication implementation has to be finished
- 31 July 2006 JMS communication has to be tested
- 20 August 2006 JMS communication documentation has to be written